nicholasjackson / cnitchLinks
Container Snitch checks running processes under the Docker Engine and alerts if any are found to be running as root
☆78Updated 8 years ago
Alternatives and similar repositories for cnitch
Users that are interested in cnitch are comparing it to the libraries listed below
Sorting:
- Docker authentication plugin to enforce a image pull policy. Whitelist Docker images allowed to be pulled.☆42Updated 7 years ago
- Kubernetes security scanner based on the open-source container vulnerability scanner Trivy.☆23Updated 4 years ago
- ☆55Updated 7 years ago
- Falco container runtime security extras (default rulesets and more)☆49Updated 6 years ago
- The Container Security Book—a free book for practitioners☆82Updated 5 years ago
- ⛔️ DEPRECATED Kubernetes operator and CLI tool for encrypting and managing Kubernetes secrets☆65Updated last year
- Bash wrapper script for Aquasec Microscanner☆61Updated 5 years ago
- Web Application Firewall (WAF) on Kubernetes☆69Updated 3 years ago
- Kubernetes Common Configuration Scoring System☆123Updated 3 years ago
- A magic shim for Docker credential helpers 🪄☆72Updated 3 years ago
- Because Clair needs a friend☆31Updated 6 years ago
- An actuary is a business professional who analyzes the financial consequences of risk.☆80Updated 8 years ago
- A proxy for docker.sock that enforces access control and isolated privileges☆144Updated 4 years ago
- A Kubernetes implementation in bash (srsly)☆17Updated 7 years ago
- A @HashiCorp Vault plugin for authenticating and receiving policies via Slack.☆50Updated 5 years ago
- ☆33Updated 6 years ago
- Use Manifesto to store and query metadata for container images.☆163Updated 6 years ago
- A Dockerfile that creates an image with known vulnerabilities.☆50Updated 3 years ago
- Container Security Workshop covering using Falco on Kubernetes.☆106Updated 4 years ago
- Prometheus metrics exporter for HashiCorp Vault☆38Updated 2 years ago
- API that leverages Clair to scan Docker Registries and Kubernetes Clusters for vulnerabilities☆151Updated 2 years ago
- Kubernetes operator for Falco that allows developers to manage rules for detecting intruders and backdoors☆68Updated 5 years ago
- ☆37Updated 4 years ago
- Simple logger (with rainbows) for Go☆36Updated 4 years ago
- Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect☆23Updated last week
- a tool to audit the istio service mesh☆173Updated 3 years ago
- A Terraform module to create and maintain Kubernetes clusters on AWS easily, relying entirely on kops☆38Updated 2 years ago
- Aqua Enterprise scanner as a plug-in vulnerability scanner in the Harbor registry☆36Updated 11 months ago
- [EXPERIMENTAL] Extend osquery to report on Kubernetes☆228Updated 4 years ago
- Simplifying Seccomp enforcement in containerized or non-containerized apps☆112Updated 4 years ago